SWIFT, the go-to network for international payments, is undergoing changes that will bring it into line with ISO 20022 standards.
These SWIFT-specific standards are called Cross Border Payments and Reporting Plus, or CBPR+, and they will define the payments messaging that will be used by all businesses and banks around the world. CBPR+ is closely related to ISO 20022 and mandates its use, but is a separate framework altogether.
Understanding CBPR+
Like the wider ISO 20022 changes, CBPR+ will simplify and automate payments – by providing clear rules, structured data, and mandated information. In turn, this means that banks and other financial institutions can process cross-border payments more efficiently – which means a reduction in costs, an increase in customer experience, and a host of other benefits.
CBPR+ will completely replace SWIFT’s type 1, 2, and 9 messages – eliminating the proprietary MT messaging format and replacing it with the universal XML-based MX messages. This will make SWIFT payments more easily integrated with existing systems, and more easily automated to improve efficiency.
Benefits of CBPR+
- Better efficiency:
- Better data quality:
- Lower operating costs:
- Greater accuracy:
- Higher security:
- Better innovation:
Improved data parsing and more automation of many of the manual processes involved in cross-border payment processing, means CBPR+ will significantly reduce the time and effort required to complete transactions. It makes straight-through processing available to all parties.
Mandated structured data will give banks, financial institutions, and consumers a far richer view of what each transaction is for. A higher quality (and quantity) of data will improve (and speed up) decision-making, leading to more informed business decisions and capitalisation of opportunities. It will also expedite reconciliation and reduce the number of queries around payments – as troubleshooting can be done by anybody viewing the data, not just the experts.
Streamlined processes and a reduction of manual intervention means less labour cost and potentially fewer licenses for software that used translate the SWIFT-specific MT messaging.
Standardised data formats and automated processing minimise the risk of errors and discrepancies in payment instructions.
CBPR+ incorporates robust security measures to protect sensitive payment information.
Using a standardised framework and universal payments language allows for development of new and innovative cross-border payment products and services.
CBPR+ and ISO 20022 migration
Despite all the benefits, the migration to ISO 20022 (and CBPR+) will be a major undertaking for financial institutions.
Many of your legacy systems and almost all your processes will require changes to comply with the new messaging system. For more detailed information on ISO 20022 migration, visit our Resource Hub.
Migrating to ISO 20022 will be different for each organisation, but will generally involve the following six steps:
1. Assessment & Planning:
Identify Legacy Systems and Processes:
- Inventory all existing systems involved in payment processing, including core banking systems, payment hubs, and treasury management systems.
- Document current data formats, message types, and communication protocols.
- Analyse business processes to understand how they interact with legacy systems.
Gap Analysis:
- Compare the capabilities of legacy systems with ISO 20022 standards.
- Identify missing functionalities, such as support for new message types (e.g., pain.008 for payment orders) or enhanced data elements.
- Assess the complexity of mapping legacy data formats to ISO 20022 standards.
Migration Strategy Development:
- Define a clear migration approach, such as a big bang or phased approach.
- Develop a detailed project plan, including timelines, milestones, and resource allocation.
- Identify potential risks and mitigation strategies.
- Establish a governance structure to oversee the migration project.
2. System Upgrades:
Technology Assessment:
- Evaluate the technical feasibility of upgrading existing systems to support ISO 20022. Consider hardware, software, and network infrastructure requirements.
System Selection:
- If necessary, identify and select new systems or components that are ISO 20022 compliant. Consider factors such as scalability, security, and vendor support.
System Integration:
- Integrate new systems with existing infrastructure, ensuring seamless data flow and communication. Configure system settings and parameters to comply with ISO 20022 standards.
3. Data Conversion:
Data Mapping:
- Map legacy data fields to ISO 20022 data elements.
- Consider data quality issues, such as missing or inconsistent data.
Data Validation:
- Validate converted data to ensure accuracy and completeness.
- Implement data cleansing and enrichment processes.
Data Migration:
- Migrate data from legacy systems to the new ISO 20022 compliant systems. Use data migration tools to automate the process.
4. Testing:
Unit Testing:
- Test individual components of the new system to ensure they function correctly.
Integration Testing:
- Test the integration of different systems and components to verify data flow and message exchange.
- Simulate real-world scenarios to identify potential issues.
User Acceptance Testing (UAT):
- Involve end-users in testing to identify and resolve any issues.
- Conduct UAT in a controlled environment to minimise disruptions.
5. Deployment:
Pilot Implementation:
- Implement ISO 20022 in a phased approach, starting with low-risk transactions.
- Monitor the pilot phase closely to identify and address any challenges.
- Develop a detailed plan to minimise disruption during the transition.
- Provide ongoing support to address any issues and optimise the new systems.
- Train staff on the new ISO 20022 systems and processes.
- Provide training on data entry, validation, and message creation.
- Develop training materials and conduct hands-on training sessions.
- Implement change management strategies to minimise resistance and ensure smooth adoption of the new systems.
- Payment orders:
- Payment Status reports:
- Cash Management messages:
- Cheques:
- Direct Debits:
- Trade Finance transactions:
- Identify Scope: Determine the scope of CBPR+ impact on your organisation, considering factors like cross-border payment volumes, jurisdictions involved, and payment types.
- Assess Current Systems and Processes: Evaluate the alignment of existing systems (core banking, payment hubs, treasury systems) and processes with ISO 20022 standards.
- Identify Gaps: Pinpoint areas where your systems and processes may need to be upgraded or modified to comply with CBPR+ requirements. For example, if your current system doesn’t support the specific data elements required by pain.001 messages, it will need to be upgraded.
- Set Clear Objectives: Define specific, measurable, achievable, relevant, and time-bound (SMART) objectives for your CBPR+ implementation.
- Create a Project Timeline: Develop a detailed project timeline, including key milestones and deadlines.
- Allocate Resources: Assign dedicated resources (e.g., project managers, technical experts, compliance officers) to the project.
- Identify Potential Risks: Assess potential risks (e.g., technical challenges, regulatory changes) and develop mitigation strategies.
- Core Banking Systems: Ensure compatibility with ISO 20022 message formats and data structures.
- Payment Hubs: Upgrade to handle new message types (e.g., pain.001, pain.002, camt.053) and data elements.
- Treasury Management Systems: Adapt to new reporting requirements and data standards.
- Data Mapping: Map legacy data fields to ISO 20022 data elements. For instance, map the “payer reference” field in your legacy system to the “PaymentIdentification” field in a pain.001 message.
- Data Validation: Implement robust data validation rules to ensure data quality.
- Data Migration: Migrate data to the new ISO 20022 compliant systems.
- Payment Initiation: Update payment initiation processes to comply with CBPR+ requirements, including data quality checks and validation.
- Payment Reconciliation: Enhance reconciliation processes to identify and resolve discrepancies.
- Reporting: Implement robust reporting processes to meet CBPR+ reporting obligations, such as generating reports on payment volumes, currencies, and transaction types.
- Risk Management: Establish a robust risk management framework to identify and mitigate risks.
- Compliance Monitoring: Implement regular monitoring and control procedures to ensure ongoing compliance.
- Incident Management: Develop incident response plans to address any issues or breaches.
- Unit Testing: Test individual components of the new systems to ensure they function correctly.
- Integration Testing: Test the integration of different systems to verify data flow and message exchange.
- User Acceptance Testing (UAT): Involve end-users in testing to identify and resolve any issues.
- Pilot Implementation: Implement CBPR+ in a phased approach, starting with low-risk transactions.
- Full-Scale Deployment: Deploy the new systems and processes across the organisation.
Full-Scale Deployment:
6. Training:
Staff Training:
Change Management:
CBPR+ Payments
CBPR+ will apply to all cross-border payments that traditionally have used the SWIFT network, and will provide a range of benefits to each:
CBPR+ standardises the format and content of payment orders using ISO 20022 message types like pain.001. This ensures consistent and accurate information exchange between banks and payment service providers.
CBPR+ introduces standardised payment status reports (e.g., pain.002) to provide real-time updates on the status of cross-border payments. This improves transparency and allows for faster resolution of any issues.
CBPR+ standardises cash management messages (e.g., camt.053) to facilitate efficient management of cash positions and balances across borders. This enables banks to optimise their liquidity management and reduce operational costs.
CBPR+ standardises the processing of cross-border cheques, ensuring consistent and efficient handling.
CBPR+ introduces standardised formats for direct debit initiation and processing, improving accuracy and reducing errors.
While not actually mentioned in CBPR+ documentation, the standardisation of payment messages and data formats can benefit trade finance transactions, such as letters of credit and guarantees.
CBPR+ Implementation
While CBPR+ and ISO 20022 are closely intertwined, their implementation has some important distinctions. CBPR+ is based on SR 2019 ISO 20222 messages, and its implementation is a broader regulatory initiative:
Key Differences
| Feature | ISO 20022 Implementation | CBPR+ Implementation |
|---|---|---|
| Focus | Technical implementation of ISO 20022 standards | Regulatory compliance and process optimisation |
| Scope | Primarily internal systems and processes | External relationships and regulatory requirements |
| Timeline | Often project-based with specific deadlines | Ongoing process of adaptation and improvement |
Step 1: Conduct a comprehensive gap analysis
Step 2: Develop a detailed implementation plan
Step 3: Upgrade systems and data
System Upgrades:
Data Conversion:
Step 4: Implement new processes and controls
Process Re-engineering:
Control Framework:
Step 5: Test and deploy
Next steps
CBPR+ and ISO 20022 go hand-in-hand and should be considered relatives of the same drive for a better payments landscape. Implementing them in the same project plan is more than possible, and sensible, to ensure compliance and avoid the duplication of effort.
With CBPR+ in place, you’ll be ready for future regulation changes, better protected from financial crime, better placed to respond to opportunities in the market. More automation and richer data puts you in a position to make smarter decision at higher speeds, giving you a march on your competitors.
We’re expecting CBPR+ uptake to be similar to ISO 20022 – lots of businesses aren’t as prepared as they should be. So simply by complying with the requirements, you’ll gain an advantage.
For do-it-yourself guidance for both CBPR+ and ISO 20022, or to discuss your needs our payments experts and explore a done-for-you solution, get in touch now.
